South Korean banks, broadcasters hit by massive cyber attack

South Korea has been subjected to a huge cyber attack today,
with major media and financial organisations knocked offline by
what the South Korean military has described as "malignant
code".

According to the Yonhap news agency, at around 2pm Seoul time (5am GMT) the
internal networks of three broadcasters (KBS, MBC and YTN), three
banks (Shinhan, Nonghyup and Jeju) and two insurance firms were
"paralysed" by the attack. While broadcasts on the news
networks and withdrawals from ATMs were unaffected, according to
tweets from people inside South Korea services like mobile banking
were "totally
down". The government there has yet to find direct evidence the
attack is the North's responsibility, but it is investigating the
suspicion, and the military has increased its information surveillance status just in case it's
an act of war.

Many of the computers subject to attack were remotely wiped. Screengrabs and footage of computers displaying a message from
a hacking group calling itself the "Whois Team" has been posted
online, claiming to have been found on machines owned by LG, but LG
has denied being hacked so the connection to the banking and media
attacks is unclear. Woori Bank also reported that it had
been attacked, but said that it had managed to resist its internal
network becoming compromised.

The attacks could be retribution for hacks the North claims to
have experienced over the past few weeks, which it blames on
the United States and its allies. Those attacks took down many of
the few sites the regime runs for the rest of the world, such as
national airline Koryo Air and the Korea Central News Agency.
However, the North does have a history of sending cyber attacks to conservative newspapers and
other media in the South -- while the country did announce today that if the US carried out planned
exercises with B-52 bombers on the peninsula it would take military
action, it's the latest in a line of blustering comments over the
past weeks which included cancelling of the 1953 armistice.

It appears that, as tensions are rising on the peninsula, a
cyber war is breaking out even if a physical war isn't. That should
perhaps be welcomed if it means that artillery bombardments that
kill civilians, as with the 2010 bombardment
of Yeonpyeong, can be avoided.

However, the emergence of cyber attacks as genuine tool of
warfare -- or even what might seem recognisable as a kind of cold
warfare -- is continuing apace around the world. Taiwan announced today that it has set up a dedicated intelligence
unit to shield the country against the threat of Chinese cyber war,
which could, according to Tsai Teh-sheng of the National
Security Bureau, "sabotage Taiwan's infrastructure and spoil
financial order whenever needed".

China's cyber attack capabilities have also been criticised
by Barack Obama, who has said that he is engaging in "tough talk"
with the country's leaders over the issue. He used part of his
latest State of the Union Address in February to announce an executive order aimed at beefing up US cyber
security infrastructure, and while the Cyber Intelligence Sharing
and Protection Act (CISPA) was ostensibly marketed as a measure to
improve American cyber security it was roundly defeated in the
Senate after being threatened with veto by Obama for its
extraordinary attacks on civil liberties.

The bill was reintroduced in February, and a campaign is again underway to
prevent it being passed. Meanwhile in the UK, the National Cyber
Crimes Unit has been set up to unify national responses to cyber
activity, but the government's overall approach to cyber security
still involves massive invasions of privacy, including the
so-called Snooper's Charter that would give the police and
intelligence services the ability to monitor all web traffic in and
out of the UK. The minister for security, James Brokenshire,
recently confirmed that the government plans to introduce the bill "at
the earliest possible opportunity".